NIST SP 800-63 defines that “digital authentication establishes that a subject attempting to access a digital service is in control of one or more valid authenticators associated with that subject’s digital identity.” For services in which return visits are applicable, successfully authenticating provides reasonable risk-based assurances that the subject accessing the service today is the same as that which accessed the service previously.
In this whitepaper, we will learn about various authentication methods and how these methods mitigate various attack vectors and match with various levels of authentication assurance.
We will also discuss: